Re: HTTP router point-of-view concerns

Sam Pullara <spullara@gmail.com> Sun, 14 July 2013 06:23 UTC

Date: Sat, 13 Jul 2013 23:22:12 -0700
From: Sam Pullara <spullara@gmail.com>
To: Willy Tarreau <w@1wt.eu>
Cc: HTTP Working Group <ietf-http-wg@w3.org>, Mark Nottingham <mnot@mnot.net>, Yoav Nir <ynir@checkpoint.com>, Poul-Henning Kamp <phk@phk.freebsd.dk>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Archived-At: <http://www.w3.org/mid/0FB74318-37AD-4DA8-A852-65A75FE88607@gmail.com>

As long as there is some way for users to keep themselves logged into a site, sounds good to me.

Sam


On Sat, Jul 13, 2013 at 11:40:19PM +0100, Stephen Farrell wrote:

>  
> It's a bit of a moot point I guess but...
>
> On 07/13/2013 09:24 PM, Yoav Nir wrote:
> > allow it to persist for as long as you want
>
> I've always been amused that HTTP needs to be able to
> manage state for decades. It'd be truly impressive if
> a browser really managed state that lasts far longer
> than the h/w on either side and probably also longer
> than any piece of n/w kit in between.
>
> If HTTP/2.0 were to impose an upper bound on cookie
> lifetime of say, a session, that'd be good IMO. But I
> guess that probably would be out of charter, even if
> it'd be a good thing, as it'd break stuff. OTOH, it'd
> arguably be a good thing to leave such stuff behind when
> moving to HTTP/2.0.



I think that *session* cookies are needed, but *permanent* cookies
are mostly used by ads and user tracking, even if a few sites use
them to store user preferences.

One elegant solution would probably be to systematically have UAs
ask end users whenever a cookie is sent to be stored for more than
(say) 24h. Site designers will take care of this because they don't
want to make their site emit warnings that upset end users.

And if the cookie is used to store preferences, it is normal that
the user gives the permission to do that.

Also, we should probably recommend that UAs automatically expire
session cookies after some time (maybe the same delay limit that
is used before emitting a warning). I've dealt with issues where
some smartphone browsers never close and never delete session
cookies, causing the same browser to always go to the same server
past the load balancer. In the end, I had the LB detect those
cookies to fix them!

Regards,

Willy
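
The two suggestions in the quoted message (ask the user before storing a cookie for more than 24h, and expire session cookies after the same delay) can be sketched as a user-agent-side decision over `Set-Cookie` values. This is an added example, not part of the original thread: the function names, the action labels and the sample header values are constructed for illustration, and the session cap simply reuses the 24h figure.

```python
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime

PROMPT_THRESHOLD = timedelta(hours=24)  # the "(say) 24h" figure; reused as session cap


def cookie_lifetime(set_cookie, now):
    """Parse one Set-Cookie value. Returns (name, lifetime); None = session cookie."""
    parts = [p.strip() for p in set_cookie.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    max_age = expires = None
    for attr in parts[1:]:
        key, _, value = attr.partition("=")
        key, value = key.strip().lower(), value.strip()
        try:
            if key == "max-age":
                max_age = timedelta(seconds=int(value))
            elif key == "expires":
                when = parsedate_to_datetime(value)
                if when.tzinfo is None:  # no usable zone: treat as UTC
                    when = when.replace(tzinfo=timezone.utc)
                expires = when - now
        except (TypeError, ValueError, OverflowError):
            continue  # an unparsable attribute is ignored (RFC 6265)
    # RFC 6265: when both are present, Max-Age takes precedence over Expires.
    return name, (max_age if max_age is not None else expires)


def ua_decision(set_cookie, now, session_cap=PROMPT_THRESHOLD):
    """Return (name, action, expiry) under the policy sketched in the message."""
    name, lifetime = cookie_lifetime(set_cookie, now)
    if lifetime is None:
        return name, "session", now + session_cap  # UA-imposed cap on session cookies
    if lifetime <= timedelta(0):
        return name, "delete", now                 # already expired: removal request
    if lifetime > PROMPT_THRESHOLD:
        return name, "prompt", now + lifetime      # long-lived: ask the user first
    return name, "store", now + lifetime


# Constructed sample headers (not taken from any real site).
SAMPLES = [
    "SRV=s1; Path=/",                                        # LB stickiness, session
    "prefs=dark; Max-Age=31536000; Path=/",                  # one year
    "t=1; Expires=Fri, 14 Jul 2023 06:00:00 GMT; Max-Age=600",  # Max-Age wins
]

if __name__ == "__main__":
    now = datetime(2013, 7, 14, 6, 0, tzinfo=timezone.utc)
    for header in SAMPLES:
        print(ua_decision(header, now))
```
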